Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

PowerEdge: RED007 error when applying latest iDRAC firmware from Out of Band interface

Summary: iDRAC update fails with the following error RED007: Unable to verify Update Package signature. Due to change to the digital signature, Workaround must be used to complete the update. This article applies to IDRAC7 and IDRAC8. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Symptoms

 

The following article provides information about how to update an iDRAC if it fails with error - RED007: Unable to verify Update Package signature



iDRAC7 and iDRAC8 firmware update jobs fail with "RED007: Unable to verify Update Package signature" if the following conditions are met:

  • Currently installed iDRAC firmware is 2.30.30.30 or older.
  • The iDRAC firmware update is being applied through Out of Band interface.
  • iDRAC firmware payload is 2.61.60.60 or newer.

RED007 Unable to verify Update Package signature

 Fig 1- RED007: Unable to verify Update Package signature.

Also, the error message will also get populated within the Lifecycle Controller Logs with additional details regarding failure.

RED007 Error message

 Fig 2 - RED007: Unable to verify Update Package signature.

 




Detailed Description:

The Update Package security signature cannot be verified. 

Systems Management Applications that leverage Out of Band update methods (ex: OpenManage Essentials, OpenManage Enterprise, Chassis Manager Controller) will encounter this failure as well.

 

 

Cause

-

Resolution

Resolution:

iDRAC7 and iDRAC8 Dell Update Packages (DUP) no longer carry SHA-1 digital signatures. This DUP change was introduced in iDRAC firmware 2.61.60.60 and later. iDRAC7 and iDRAC8 version 2.40.40.40 or later added support to verify the SHA256 signatures. iDRAC must be running one of the following versions to support SHA-256 DUP payloads through Out of Band updates.



Workarounds:

Leverage one of the following workarounds to update to the latest iDRAC firmware on impacted systems: 

  • Update to latest iDRAC release through In-Band interface (Operating System Dell update package).
  • Right-click and Extract the latest iDRAC Dell update package and update using the…/payload/firmimg.d7 through iDRAC Out of Band interface.
  • Step update the iDRAC version using the "Older versions"  from the Support Site bringing your iDRAC up to a version that supports SHA-256 signed Dell update packages before applying the latest update through Out of Band interface.

 


Affected Products

iDRAC7, iDRAC8, Lifecycle Controllers
Article Properties
Article Number: 000135299
Article Type: Solution
Last Modified: 25 Nov 2024
Version:  6
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.